file | Triage

Sharing

General

Target

file
Size

336KB
MD5

e94ec358349808b167fe25704bbb1c43
SHA1

6c48cab4905b96605d64de1718c6fe07b17392c0
SHA256

f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36
SHA512

a2a890b872704b49b0692b077439ee2a65e73641553729f614c5b230df0591d59984f3d564ffde9d11223133bedaf4a70e2db7075b4e5ca9de9d8bd5f7798ad7
SSDEEP

6144:b46HZImXdPNhShn6XpLaJba4XcwfkBYuOVx6rfWd+V9nJ2/FnRy5pg:b46HZlXXhOnY9a9PswfkBYuo0DLnJ2dP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

file

Files

file
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ